Feeds

Webtapping battle lines drawn

'Significant risk to the entire Internet'

  • alert
  • submit to reddit

Top 5 reasons to deploy VMware with Tegile

The public comment period on a Justice Department proposal to make the Internet easier to wiretap ended on Monday with most of the filed comments tracing a clean line between two opposing camps.

On the government's side, federal, state and local law enforcement agencies who perform wiretaps, allied with companies who sell surveillance equipment and services: on the other, Internet companies who would be forced by the plan to make changes to their networks, along with advocacy groups concerned about slowed innovation and an incursion on Internet privacy.

The controversy kicked off last month when the Department of Justice, the FBI and the U.S. Drug Enforcement Administration jointly petitioned the Federal Communications Commission (FCC) to immediately direct broadband providers to modify their networks to be more easily wiretapped by law enforcement, and to begin an "expedited rulemaking" of new regulations that would mandate that any new communications technology be certified as wiretap-ready by the government before launch.

The petition capped over a year of low-key lobbying at the commission by Justice and FBI lawyers seeking to expand the reach of the 1994 Communication's Assistance for Law Enforcement Act (CALEA), which already mandates surveillance backdoors in U.S. telephone networks. The FCC issued a notice on the proposal, and opened the question to public comments.

Federal law already compels ISPs to co-operate with law enforcement in court-approved surveillance of customers. But as police rely more on Internet snooping - with tools like the FBI's "Carnivore" DCS-1000 packet sniffer - they've begun to crave the speed and ease-of-use of the wiretapping infrastructure that CALEA grafted onto the modern telephone network, described in a filing by the New York state Attorney General's office this way:

"Within minutes of receipt of the court order, warrants for the interception of wireless devices can be implemented by the communications carriers. With just a few computer key strokes, the connection is made directly between law enforcement's computerised listening stations and the telephone service provider's computerised switches."

The Justice Department plan would make Internet taps as easy, though at great expense to Internet service providers and their customers. The EFF, ACLU, the Electronic Privacy Information Center and the Center for Democracy and Technology all filed comments opposing the plan, and an ACLU letter-drive generated hundreds of mailings from citizens against what the group called "the New Ashcroft Internet Snooping Request."

All four groups argue that the Justice Department failed to demonstrate any need for the expansion, that the language of CALEA makes it clear that it cannot legally be applied to the Internet, and that innovation would be chilled by the Department's request that new technologies be pre-programmed for surveillance. "It threatens to render stillborn a brand new communications industry and poses a significant risk to the entire Internet," the ACLU wrote.

"The FBI's rulemaking petition would impose a massive bureaucratic structure upon innovation in communications," wrote the EFF. "Yet the FBI has offered no evidence that this rulemaking is justified in terms of its civil-liberties and economic costs." The group also argues that the surveillance backdoors would make Internet connections more vulnerable to electronic criminals and unauthorised eavesdroppers.

In another filing, the American Library Association and 13 college and university groups also opposed the petition, because "innovation will be threatened, privacy diminished, and unnecessary costs imposed" on libraries and campuses that provide broadband connectivity.

Internet Security Threat Report 2014

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.